package com.mall.auth;

import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Component
public class AuthFailureHandler implements AuthenticationFailureHandler {
   private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
   @Override
   public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
         throws IOException, ServletException {
      System.out.println("**************登录失败！" + e.getMessage());
      // 这里不能使用 当前 request对象进行转发，因为当前的Method是POST
      
      
//      request.setAttribute("msg", "用户名密码错误!!!!");
//       request.getRequestDispatcher("/login").forward(request, response);
      redirectStrategy.sendRedirect(request, response, "/failure");
   }
}
